News

The Arsink RAT Android malware campaign continues to proliferate, harvesting SMS, contacts, call logs, media, and enabling remote control of infected devices. Reference here https://zimperium.com/blog/the-rise-of-arsink-rat

Phishing campaigns abusing trusted cloud platforms are rising, exposing enterprises to credential theft, account takeover, and supply chain risks by leveraging legitimate infrastructure for malicious delivery. More information here https://hackread.com/phishing-campaigns-cloud-platforms-enterprises-risks/

The Interlock ransomware group, a dedicated non-RaaS actor, executed a multi-stage intrusion using NodeSnakeRAT/Interlock RAT implants and a zero-day process killing tool to disable EDR and exfiltrate/encrypt victim data. More…

A significant increase in NFC relay malware has been observed in Eastern Europe, with researchers identifying over 760 malicious Android apps exploiting Near-Field Communication technology to steal credit card information.…

Russia-backed COLDRIVER has launched a new cyber-espionage campaign targeting NATO entities using NOROBOT, a downloader that employs fake CAPTCHA lures to deploy backdoors like MAYBEROBOT for intelligence gathering. For more…

A new supply chain attack, GlassWorm malware, has been targeting developers on OpenVSX and Microsoft VS Code marketplaces, with over 35,800 installations. For more information, please check here https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace

DarkCloud Stealer is targeting financial firms via phishing emails with malicious RAR attachments, using MSBuild.exe injection and a PowerShell-downloaded JPG to decrypt an embedded .NET file and steal credentials from…

The US Federal Bureau of Investigation (FBI) has issued an alert warning that criminals are impersonating government officials through fake voice and text messages. The alert states that the campaign…